flags tcp and abscence of flag
Daniel Hartmeier
daniel at benzedrine.cx
Thu Mar 1 08:36:34 UTC 2007
On Wed, Feb 28, 2007 at 04:48:37PM -0300, Eduardo Meyer wrote:
> Translating to human lang, what I want is "look everywhere and match
> only packets with fin set but syn, rst and ack unset.
>
> How can I do the "unset" evaluation?
"flags F/FSRA" does precisely that. It is not the same as "flags F/F",
which would only test whether FIN is set.
Daniel
More information about the freebsd-pf
mailing list